[go: up one dir, main page]

CN119814759A - A file downloading method, device, electronic device and readable medium - Google Patents

A file downloading method, device, electronic device and readable medium Download PDF

Info

Publication number
CN119814759A
CN119814759A CN202411770667.XA CN202411770667A CN119814759A CN 119814759 A CN119814759 A CN 119814759A CN 202411770667 A CN202411770667 A CN 202411770667A CN 119814759 A CN119814759 A CN 119814759A
Authority
CN
China
Prior art keywords
file
user
downloading
request
download
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202411770667.XA
Other languages
Chinese (zh)
Inventor
吴嘉炫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Cloud Technology Co Ltd
Original Assignee
China Telecom Cloud Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Cloud Technology Co Ltd filed Critical China Telecom Cloud Technology Co Ltd
Priority to CN202411770667.XA priority Critical patent/CN119814759A/en
Publication of CN119814759A publication Critical patent/CN119814759A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

本发明实施例提供了一种文件下载方法、装置、电子设备及可读介质,拦截用户的文件下载请求,并获取文件下载请求对应的文件类型;基于用户的个人信息,判断用户是否具有下载文件类型的文件的权限;若用户具有权限,则将文件下载请求对应的文件下载至预设的虚拟盘,并通过虚拟盘判断文件中是否存在恶意信息;文件中存在预设的目标散列函数;若文件中不存在恶意信息,则将文件传递至用户;基于目标散列函数,判断用户获取的文件是否被损坏,确保了文件的完整性和安全性,以防止恶意软件或损坏的文件对系统和数据造成危害。

The embodiments of the present invention provide a file downloading method, device, electronic device and readable medium, which intercept a user's file download request and obtain a file type corresponding to the file download request; based on the user's personal information, determine whether the user has the authority to download files of the file type; if the user has the authority, download the file corresponding to the file download request to a preset virtual disk, and determine whether there is malicious information in the file through the virtual disk; a preset target hash function exists in the file; if there is no malicious information in the file, the file is delivered to the user; based on the target hash function, determine whether the file obtained by the user is damaged, thereby ensuring the integrity and security of the file, so as to prevent malicious software or damaged files from causing harm to the system and data.

Description

File downloading method and device, electronic equipment and readable medium
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a file downloading method, a file downloading device, an electronic device, and a computer readable medium.
Background
In a daily office scenario, a user needs to perform a downloading operation from the internet, including content such as software, code packages, documents, and the like. However, it is difficult for the user to recognize the authenticity of the download source, and in addition, the effect of "survivor bias" is extremely vulnerable to fraud by counterfeit links and counterfeit websites. Meanwhile, a malicious attacker can disguise, induce and the like, so that the attack behavior is more difficult to perceive and prevent.
Disclosure of Invention
The embodiment of the invention provides a file downloading method, a file downloading device, electronic equipment and a computer readable storage medium, which are used for solving the problem that a user is difficult to identify the authenticity of a downloading source and is extremely easy to deceive by counterfeit links and counterfeit websites due to the influence of survivor deviation. Meanwhile, a malicious attacker can disguise, induce and the like, so that the attack behavior is more difficult to perceive and prevent.
The embodiment of the invention discloses a file downloading method, which comprises the following steps:
Intercepting a file downloading request of a user, and acquiring a file type corresponding to the file downloading request;
judging whether the user has the authority to download the file of the file type or not based on the personal information of the user;
If the user has the authority, downloading a file corresponding to the file downloading request to a preset virtual disk, and judging whether malicious information exists in the file or not through the virtual disk;
if the malicious information does not exist in the file, the file is transmitted to the user;
And judging whether the file acquired by the user is damaged or not based on the target hash function.
Optionally, the file further includes a target hash value corresponding to the target hash function, and the determining, based on the target hash function, whether the file acquired by the user is damaged includes:
calculating a hash value to be processed corresponding to the target hash function based on the target hash function;
If the hash value to be processed is the same as the target hash value, confirming that the file acquired by the user is not damaged;
And if the hash value to be processed is different from the target hash value, confirming that the file acquired by the user is damaged.
Optionally, intercepting the file download request of the user includes:
Acquiring a network request sent by the user, wherein the network request comprises a network request identifier;
Judging whether the network request is the file downloading request or not based on the network request identifier;
And if the network request is the file downloading request, intercepting the file downloading request.
Optionally, the determining, based on the personal information of the user, whether the user has a right to download the file of the file type includes:
the personal information comprises at least one of an identity card number, a birthday, a file downloading password and a verification code received by the user terminal;
Acquiring the identity of the user based on the personal information;
based on the identity of the user, whether the user has the authority to download the file of the file type is judged.
Optionally, the method comprises:
acquiring a domain name corresponding to the file downloading request;
Judging whether the domain name exists in a preset white list or not;
And if the domain name does not exist in the white list, acquiring the verification code received by the user terminal, and verifying the identity of the user based on the verification code.
Optionally, the method comprises:
And scanning the file acquired by the user by using a preset malicious software scanning engine, and judging whether malicious software exists in the file.
Optionally, the method comprises:
And recording the downloading information of the file, wherein the downloading information comprises at least one of downloading users, downloading time and downloading file names.
The embodiment of the invention also discloses a file downloading device, which comprises:
The intercepting module is used for intercepting a file downloading request of a user and acquiring a file type corresponding to the file downloading request;
The permission judging module is used for judging whether the user has permission to download the file of the file type or not based on the personal information of the user;
the downloading module is used for downloading the file corresponding to the file downloading request to a preset virtual disk if the user has the authority, and judging whether malicious information exists in the file or not through the virtual disk;
The transmission module is used for transmitting the file to the user if the malicious information does not exist in the file;
and the damage judging module is used for judging whether the file acquired by the user is damaged or not based on the target hash function.
Optionally, the file further includes a target hash value corresponding to the target hash function, and the damage judging module includes:
A computing sub-module, configured to compute a hash value to be processed corresponding to the target hash function based on the target hash function;
a first confirming sub-module, configured to confirm that the file acquired by the user is not damaged if the hash value to be processed is the same as the target hash value;
and the second confirming sub-module is used for confirming that the file acquired by the user is damaged if the hash value to be processed is different from the target hash value.
Optionally, the interception module includes:
The request acquisition sub-module is used for acquiring a network request sent by the user, wherein the network request comprises a network request identifier;
The request judging sub-module is used for judging whether the network request is the file downloading request or not based on the network request identifier;
and the interception sub-module is used for intercepting the file downloading request if the network request is the file downloading request.
Optionally, the permission judging module includes:
the personal information acquisition sub-module is used for acquiring personal information of the user, wherein the personal information comprises at least one of an identity card number, a birthday, a file downloading password and a verification code received by the user terminal;
the identity acquisition sub-module is used for acquiring the identity of the user based on the personal information;
and the permission judging sub-module is used for judging whether the user has permission to download the file of the file type or not based on the identity of the user.
Optionally, the apparatus comprises:
the domain name acquisition module is used for acquiring a domain name corresponding to the file downloading request;
the white list judging module is used for judging whether the domain name exists in a preset white list or not;
And the verification code acquisition module is used for acquiring the verification code received by the user terminal if the domain name does not exist in the white list and verifying the identity of the user based on the verification code.
Optionally, the apparatus comprises:
The scanning module is used for scanning the file acquired by the user by using a preset malicious software scanning engine and judging whether malicious software exists in the file.
Optionally, the apparatus comprises:
The information recording module is used for recording the downloading information of the file, wherein the downloading information comprises at least one of downloading users, downloading time and downloading file names.
The embodiment of the invention also discloses electronic equipment, which comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus;
The memory is used for storing a computer program;
the processor is configured to implement the method according to the embodiment of the present invention when executing the program stored in the memory.
Embodiments of the invention also disclose one or more computer-readable media having instructions stored thereon, which when executed by one or more processors, cause the processors to perform the methods described in the embodiments of the invention.
The embodiment of the invention has the following advantages:
In the embodiment of the invention, the file downloading request of the user is intercepted, and the file type corresponding to the file downloading request is obtained. Judging whether the user has the authority to download the file of the file type or not based on the personal information of the user, if the user has the authority, downloading the file corresponding to the file downloading request to a preset virtual disk, judging whether malicious information exists in the file or not through the virtual disk, and if so, judging that a preset target hash function exists in the file. Judging whether the file acquired by the user is damaged or not based on the target hash function, judging whether the file acquired by the user is damaged or not based on the target hash function and judging whether the file acquired by the user is damaged or not based on the target hash function, and ensuring the integrity and the safety of the file so as to prevent damage to a system and data caused by malicious software or the damaged file.
Drawings
FIG. 1 is a flow chart of steps of a method for downloading a file according to an embodiment of the present invention;
FIG. 2 is a flow chart of steps of yet another file downloading method provided in an embodiment of the present invention;
FIG. 3 is a block diagram of a file downloading device according to an embodiment of the present invention;
FIG. 4 is a block diagram of an electronic device provided in an embodiment of the invention;
Fig. 5 is a schematic diagram of a computer readable medium provided in an embodiment of the invention.
Detailed Description
In order that the above-recited objects, features and advantages of the present invention will become more readily apparent, a more particular description of the invention will be rendered by reference to the appended drawings and appended detailed description.
In order to facilitate understanding of technical solutions and technical effects of the embodiments of the present invention, the following description will briefly explain the prior art of the present invention.
In the related art, the main principle of zero trust security refers to that when a company trusts a person or a device too much, a vulnerability often occurs. The zero trust model indicates that by default, any user, even a user allowed to enter the network, is likely to be deceptively tricked in the download operation and therefore should not be trusted.
In a daily office scenario, a user needs to perform a downloading operation from the internet, including content such as software, code packages, documents, and the like. Therefore, in a file download scenario in zero trust, security is critical. However, it is difficult for the user to recognize the authenticity of the download source, and in addition, the effect of "survivor bias" is extremely vulnerable to fraud by counterfeit links and counterfeit websites. Meanwhile, a malicious attacker can disguise, induce and the like, so that the attack behavior is more difficult to perceive and prevent.
Referring to fig. 1, a flowchart illustrating steps of a file downloading method provided in an embodiment of the present invention may specifically include the following steps:
step 101, intercepting a file downloading request of a user and acquiring a file type corresponding to the file downloading request;
In an embodiment of the present invention, the user may send at least one type of network request to the internet. The network request may include a file download request. The user may download the file from the internet via a file download request. However, when a user downloads a file through the internet, it is difficult for the user to recognize the authenticity of the download source, and the user is extremely vulnerable to spoofing of counterfeit links and counterfeit websites.
In order to ensure the file downloading security in zero trust, the file downloading request of the user can be intercepted, and the file type corresponding to the file downloading request can be obtained.
In some embodiments of the present invention, intercepting a file download request from a user includes:
Acquiring a network request sent by the user, wherein the network request comprises a network request identifier;
Judging whether the network request is the file downloading request or not based on the network request identifier;
And if the network request is the file downloading request, intercepting the file downloading request.
In the embodiment of the invention, the network request sent by the user generally comprises a network request identifier. Therefore, the network request sent by the user can be acquired, and whether the network request is a file downloading request or not is judged according to the network request identification of the network request. Specifically, if the network request identifier is Content-Type and application/OCtet-stream, the network request is confirmed to be a file downloading request. Where Content-Type refers to Content Type, application/oct-stream is a MIME (Multipurpose INTERNET MAIL Extensions ) Type, meaning that data is a binary stream, typically used for file download.
In the embodiment of the invention, if the network request is a file downloading request, the file downloading request is intercepted, and the file type corresponding to the file downloading request is determined.
102, Judging whether the user has the authority to download the file of the file type or not based on the personal information of the user;
in the embodiment of the invention, the personal information of the user can be acquired. And confirming the identity of the user according to the personal information of the user, and judging whether the user is a disguised user of a malicious attacker or not, and whether the user has the authority of downloading the file of the file type corresponding to the file downloading request or not.
In some embodiments of the present invention, the determining, based on the personal information of the user, whether the user has a right to download the file of the file type includes:
the personal information comprises at least one of an identity card number, a birthday, a file downloading password and a verification code received by the user terminal;
Acquiring the identity of the user based on the personal information;
based on the identity of the user, whether the user has the authority to download the file of the file type is judged.
In the embodiment of the invention, the personal information of the user can be obtained, and the identity of the user can be obtained based on the personal information of the user. The personal information of the user comprises at least one of an identity card number, a birthday, a file downloading password and a verification code received by the user terminal. The file downloading password refers to a password which needs to be input to confirm the identity of a user when the user downloads the file through the Internet. In the embodiment of the invention, based on the identity of the user, whether the user has the authority to download the file of the file type corresponding to the file downloading request can be judged.
Specifically, in a zero trust environment, after intercepting a file downloading request sent by a user, authentication and authorization are required to be performed on the user, so that only authorized users can download a specific file. This may be achieved by authentication mechanisms and access control policies such as single sign-on, multi-factor authentication, etc.
Single sign-on refers to obtaining individual personal information of a user entered by the user, through which the identity of the user is verified. The individual personal information may be an identification number, a password, a birthday, etc.
Multi-factor authentication refers to the authentication of a user by obtaining two or more personal information of the user, such as a password and a mobile phone short message authentication code, a password and a birthday of the user, etc.
An access control policy is a rule for managing access rights of a user to a resource. For example, based on the access control of the roles, whether the user has the authority to download the specific file is judged according to the roles of the user.
In the embodiment of the invention, the user attack challenge can be further carried out, namely whether the user is disguised by a malicious attacker or whether automatic attack or account takeover exists or not is judged through passwords, verification codes and the like.
In some embodiments of the invention, the method comprises:
acquiring a domain name corresponding to the file downloading request;
Judging whether the domain name exists in a preset white list or not;
And if the domain name does not exist in the white list, acquiring the verification code received by the user terminal, and verifying the identity of the user based on the verification code.
In the embodiment of the invention, the domain name corresponding to the file downloading request can be obtained, and whether the domain name exists in a preset white list or not is judged. If the domain name does not exist in the white list, acquiring the verification code received by the user terminal, and verifying the identity of the user based on the verification code. Where the domain name refers to a network address. The domain name corresponding to the file download request is a network address used when the user sends the file download request.
Step 103, if the user has the authority, downloading a file corresponding to the file downloading request to a preset virtual disk, and judging whether malicious information exists in the file or not through the virtual disk;
In the embodiment of the invention, after the identity of the user is verified and the user is confirmed to have the authority to download the file of the file type corresponding to the file downloading request, the file corresponding to the file downloading request is downloaded to the preset virtual disk environment. The virtual disk environment simulates portions of the operating system, but is isolated from the user's actual system. The virtual disk environment can further analyze and test the file, help to detect whether malicious information exists in the file, and prevent unknown malicious behaviors in the file so as to protect an actual system from unknown threats. Therefore, whether malicious information exists in the file can be judged by the virtual disk.
Malicious information includes information such as malware, code, and the like. It should be noted that, a preset target hash function exists in the file.
104, If the malicious information does not exist in the file, transmitting the file to the user;
In the embodiment of the invention, if the virtual disk environment confirms that malicious information does not exist in the file, the file can be transmitted to a user. The file acquired by the user is the downloaded file.
Step 105, based on the target hash function, judging whether the file acquired by the user is damaged.
In the embodiment of the invention, after the actual system used by the user acquires the downloaded file, the system can judge whether the file acquired by the user is tampered or damaged in the transmission process based on the target hash function contained in the file.
In some embodiments of the present invention, the file further includes a target hash value corresponding to the target hash function, and the determining, based on the target hash function, whether the file acquired by the user is damaged includes:
calculating a hash value to be processed corresponding to the target hash function based on the target hash function;
If the hash value to be processed is the same as the target hash value, confirming that the file acquired by the user is not damaged;
And if the hash value to be processed is different from the target hash value, confirming that the file acquired by the user is damaged.
In an embodiment of the present invention, the downloaded file includes a target hash function and a target hash value corresponding to the target hash function. After the actual system used by the user obtains the downloaded file, the system can calculate the hash value to be processed corresponding to the target hash function based on the target hash function. If the hash value to be processed is the same as the target hash value, confirming that the file acquired by the user is not damaged or tampered, and if the hash value to be processed is different from the target hash value, confirming that the file acquired by the user is damaged or tampered.
Specifically, the target hash function may be md5 (Message-DigestAlgorithm, message digest algorithm 5). The step of calculating the hash value of the data to be processed based on the MD5 hash function is that, first, data to be hashed is acquired. This may be any form of data such as text, files, etc. An MD5 hash object is then created in the system. The data to be hashed is converted into a byte string. The string of data bytes is passed to the hash object. Finally, the digest () or hexdigest () method of the hash object is called to obtain the hash value. The digest () method returns binary data, and hexdigest () returns a string in hexadecimal format.
In some embodiments of the invention, the method comprises:
And scanning the file acquired by the user by using a preset malicious software scanning engine, and judging whether malicious software exists in the file.
In the embodiment of the invention, the downloaded file can be scanned by using a malicious software scanning engine to detect whether malicious software exists in the file or not so as to prevent the malicious software from being transmitted into the system.
In some embodiments of the invention, the method comprises:
And recording the downloading information of the file, wherein the downloading information comprises at least one of downloading users, downloading time and downloading file names.
In the embodiment of the invention, the detailed information of file downloading, including users, time, file names and the like, is recorded so as to carry out subsequent audit and investigation, thereby being beneficial to tracking and identifying potential security events.
In the embodiment of the invention, the file downloading request of the user is intercepted, and the file type corresponding to the file downloading request is obtained. Judging whether the user has the authority to download the file of the file type or not based on the personal information of the user, if the user has the authority, downloading the file corresponding to the file downloading request to a preset virtual disk, judging whether malicious information exists in the file or not through the virtual disk, and if so, judging that a preset target hash function exists in the file. Judging whether the file acquired by the user is damaged or not based on the target hash function, judging whether the file acquired by the user is damaged or not based on the target hash function and judging whether the file acquired by the user is damaged or not based on the target hash function, and ensuring the integrity and the safety of the file so as to prevent damage to a system and data caused by malicious software or the damaged file.
In a zero trust system, the requirement on users is high, and the misoperation of a single-point user can influence the global network security. And file downloading behavior is operation with high frequency of use and extremely high security risk for users. According to the invention, whether malicious information exists in the file or not is judged through the virtual disk, and whether the file acquired by the user is damaged or not is judged based on the target hash function, so that the integrity and the safety of the downloaded file of the user are ensured, the detection and blocking capability for malicious behaviors are enhanced, and the safety of a zero trust system is improved.
In the embodiment of the invention, all browser downloading behaviors of the user terminal are included in the management and control of the zero-trust product, and the user only allows downloading of official software. The third party and the file of the non-white list domain name need to be manually confirmed by a user through verification codes, passwords and the like, and meanwhile, a warning is recorded to an audit center.
Referring to fig. 2, a flowchart illustrating steps of another file downloading method provided in an embodiment of the present invention may specifically include the following steps:
step 201, file download management and control.
Step 202, network request interception, including network request filtering and extracting related domain names.
And acquiring a network request sent by the user, wherein the network request comprises a network request identifier. Judging whether the network request is a file downloading request or not based on the network request identification, intercepting the file downloading request if the network request is the file downloading request, and acquiring a domain name corresponding to the file downloading request.
Step 203, user authentication and authorization, including security challenges for non-whitelisted domain names.
And acquiring personal information of the user, wherein the personal information comprises at least one of an identity card number, a birthday, a file downloading password and a verification code received by the user terminal. Based on the identity of the user, judging whether the user has the authority to download the file of the file type.
Judging whether the domain name exists in a preset white list, if the domain name does not exist in the white list, acquiring a verification code received by the user terminal, and verifying the identity of the user based on the verification code.
Step 204, virtual disk storage.
Downloading the file corresponding to the file downloading request to a preset virtual disk, and judging whether malicious information exists in the file or not through the virtual disk.
Step 205, trojan horse scanning, including local computing of MD5 and uploading of cloud sandboxed Trojan horse scanning.
Based on the target hash function, calculating a hash value to be processed corresponding to the target hash function. If the hash value to be processed is the same as the target hash value, confirming that the file acquired by the user is not damaged, and if the hash value to be processed is different from the target hash value, confirming that the file acquired by the user is damaged. Scanning a file acquired by a user by using a preset malicious software scanning engine, and judging whether malicious software exists in the file.
A cloud sandbox is a cloud computing environment that allows users to run and test unknown or untrusted code, applications, or files in a quarantined environment without posing a potential threat to the host system or other network environment.
At step 206, the operation records an audit.
And recording the downloading information of the file, wherein the downloading information comprises at least one of downloading users, downloading time and downloading file names.
It should be noted that, for simplicity of description, the method embodiments are shown as a series of acts, but it should be understood by those skilled in the art that the embodiments are not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred embodiments, and that the acts are not necessarily required by the embodiments of the invention.
Referring to fig. 3, a block diagram of a file downloading device provided in an embodiment of the present invention is shown, which may specifically include the following modules:
the intercepting module 301 is configured to intercept a file downloading request of a user and obtain a file type corresponding to the file downloading request;
a permission judging module 302, configured to judge, based on personal information of the user, whether the user has permission to download the file of the file type;
A downloading module 303, configured to, if the user has the right, download a file corresponding to the file downloading request to a preset virtual disk, and determine whether malicious information exists in the file through the virtual disk;
a transfer module 304, configured to transfer the file to the user if the malicious information does not exist in the file;
A damage judging module 305, configured to judge whether the file acquired by the user is damaged based on the target hash function.
In an optional embodiment of the present invention, the file further includes a target hash value corresponding to the target hash function, and the damage judging module includes:
A computing sub-module, configured to compute a hash value to be processed corresponding to the target hash function based on the target hash function;
a first confirming sub-module, configured to confirm that the file acquired by the user is not damaged if the hash value to be processed is the same as the target hash value;
and the second confirming sub-module is used for confirming that the file acquired by the user is damaged if the hash value to be processed is different from the target hash value.
In an alternative embodiment of the present invention, the interception module includes:
The request acquisition sub-module is used for acquiring a network request sent by the user, wherein the network request comprises a network request identifier;
The request judging sub-module is used for judging whether the network request is the file downloading request or not based on the network request identifier;
and the interception sub-module is used for intercepting the file downloading request if the network request is the file downloading request.
In an alternative embodiment of the present invention, the permission judging module includes:
the personal information acquisition sub-module is used for acquiring personal information of the user, wherein the personal information comprises at least one of an identity card number, a birthday, a file downloading password and a verification code received by the user terminal;
the identity acquisition sub-module is used for acquiring the identity of the user based on the personal information;
and the permission judging sub-module is used for judging whether the user has permission to download the file of the file type or not based on the identity of the user.
In an alternative embodiment of the invention, the apparatus comprises:
the domain name acquisition module is used for acquiring a domain name corresponding to the file downloading request;
the white list judging module is used for judging whether the domain name exists in a preset white list or not;
And the verification code acquisition module is used for acquiring the verification code received by the user terminal if the domain name does not exist in the white list and verifying the identity of the user based on the verification code.
In an alternative embodiment of the invention, the apparatus comprises:
The scanning module is used for scanning the file acquired by the user by using a preset malicious software scanning engine and judging whether malicious software exists in the file.
In an alternative embodiment of the invention, the apparatus comprises:
The information recording module is used for recording the downloading information of the file, wherein the downloading information comprises at least one of downloading users, downloading time and downloading file names.
For the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.
In addition, the embodiment of the invention also provides an electronic device, as shown in fig. 4, which comprises a processor 401, a communication interface 402, a memory 403 and a communication bus 404, wherein the processor 401, the communication interface 402 and the memory 403 complete communication with each other through the communication bus 404,
A memory 403 for storing a computer program;
The processor 401, when executing the program stored in the memory 403, implements the following steps:
Intercepting a file downloading request of a user, and acquiring a file type corresponding to the file downloading request;
judging whether the user has the authority to download the file of the file type or not based on the personal information of the user;
If the user has the authority, downloading a file corresponding to the file downloading request to a preset virtual disk, and judging whether malicious information exists in the file or not through the virtual disk;
if the malicious information does not exist in the file, the file is transmitted to the user;
And judging whether the file acquired by the user is damaged or not based on the target hash function.
In an optional embodiment of the present invention, the file further includes a target hash value corresponding to the target hash function, and the determining, based on the target hash function, whether the file acquired by the user is damaged includes:
calculating a hash value to be processed corresponding to the target hash function based on the target hash function;
If the hash value to be processed is the same as the target hash value, confirming that the file acquired by the user is not damaged;
And if the hash value to be processed is different from the target hash value, confirming that the file acquired by the user is damaged.
In an optional embodiment of the present invention, the intercepting the file download request of the user includes:
Acquiring a network request sent by the user, wherein the network request comprises a network request identifier;
Judging whether the network request is the file downloading request or not based on the network request identifier;
And if the network request is the file downloading request, intercepting the file downloading request.
In an optional embodiment of the present invention, the determining, based on the personal information of the user, whether the user has a right to download the file of the file type includes:
the personal information comprises at least one of an identity card number, a birthday, a file downloading password and a verification code received by the user terminal;
Acquiring the identity of the user based on the personal information;
based on the identity of the user, whether the user has the authority to download the file of the file type is judged.
In an alternative embodiment of the invention, the method comprises:
acquiring a domain name corresponding to the file downloading request;
Judging whether the domain name exists in a preset white list or not;
And if the domain name does not exist in the white list, acquiring the verification code received by the user terminal, and verifying the identity of the user based on the verification code.
In an alternative embodiment of the invention, the method comprises:
And scanning the file acquired by the user by using a preset malicious software scanning engine, and judging whether malicious software exists in the file.
In an alternative embodiment of the invention, the method comprises:
And recording the downloading information of the file, wherein the downloading information comprises at least one of downloading users, downloading time and downloading file names.
The communication bus mentioned by the above terminal may be a peripheral component interconnect standard (PERIPHERAL COMPONENT INTERCONNECT, abbreviated as PCI) bus or an extended industry standard architecture (Extended Industry StandardArchitecture, abbreviated as EISA) bus, etc. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus.
The communication interface is used for communication between the terminal and other devices.
The memory may include random access memory (RandomAccess Memory, RAM) or may include non-volatile memory (non-volatile memory), such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central Processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), a digital signal processor (DIGITAL SIGNAL Processing, DSP), an Application Specific Integrated Circuit (ASIC), a Field-programmable gate array (Field-Programmable GateArray, FPGA), or other programmable logic device, discrete gate or transistor logic device, or discrete hardware components.
In yet another embodiment of the present invention, as shown in fig. 5, a computer readable storage medium 501 is provided, which stores instructions that, when executed on a computer, cause the computer to perform a file downloading method as described in the above embodiment.
In yet another embodiment of the present invention, a computer program product containing instructions that, when run on a computer, cause the computer to perform a file downloading method as described in the above embodiments is also provided.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present invention, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in or transmitted from one computer-readable storage medium to another, for example, by wired (e.g., coaxial cable, optical fiber, digital Subscriber Line (DSL)), or wireless (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk Solid STATE DISK (SSD)), etc.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention are included in the protection scope of the present invention.

Claims (10)

1.一种文件下载方法,其特征在于,包括:1. A file downloading method, characterized by comprising: 拦截用户的文件下载请求,并获取所述文件下载请求对应的文件类型;Intercept the user's file download request and obtain the file type corresponding to the file download request; 基于所述用户的个人信息,判断所述用户是否具有下载所述文件类型的文件的权限;Based on the personal information of the user, determining whether the user has permission to download files of the file type; 若所述用户具有所述权限,则将所述文件下载请求对应的文件下载至预设的虚拟盘,并通过所述虚拟盘判断所述文件中是否存在恶意信息;所述文件中存在预设的目标散列函数;If the user has the permission, the file corresponding to the file download request is downloaded to a preset virtual disk, and the virtual disk is used to determine whether there is malicious information in the file; the file contains a preset target hash function; 若所述文件中不存在所述恶意信息,则将所述文件传递至所述用户;If the malicious information does not exist in the file, delivering the file to the user; 基于所述目标散列函数,判断所述用户获取的所述文件是否被损坏。Based on the target hash function, it is determined whether the file obtained by the user is damaged. 2.根据权利要求1所述的方法,其特征在于,所述文件中还存在所述目标散列函数对应的目标散列值;所述基于所述目标散列函数,判断所述用户获取的所述文件是否被损坏,包括:2. The method according to claim 1, characterized in that the file also contains a target hash value corresponding to the target hash function; and judging whether the file obtained by the user is damaged based on the target hash function comprises: 基于所述目标散列函数,计算所述目标散列函数对应的待处理散列值;Based on the target hash function, calculating a hash value to be processed corresponding to the target hash function; 若所述待处理散列值与所述目标散列值相同,则确认所述用户获取的所述文件未被损坏;If the to-be-processed hash value is the same as the target hash value, it is confirmed that the file obtained by the user is not damaged; 若所述待处理散列值与所述目标散列值不相同,则确认所述用户获取的所述文件被损坏。If the to-be-processed hash value is different from the target hash value, it is confirmed that the file obtained by the user is damaged. 3.根据权利要求1所述的方法,其特征在于,所述拦截用户的文件下载请求,包括:3. The method according to claim 1, characterized in that intercepting the user's file download request comprises: 获取所述用户发送的网络请求;所述网络请求中包括网络请求标识;Acquire a network request sent by the user; the network request includes a network request identifier; 基于所述网络请求标识,判断所述网络请求是否为所述文件下载请求;Based on the network request identifier, determining whether the network request is the file download request; 若所述网络请求为所述文件下载请求,则拦截所述文件下载请求。If the network request is the file download request, the file download request is intercepted. 4.根据权利要求1所述的方法,其特征在于,所述基于所述用户的个人信息,判断所述用户是否具有下载所述文件类型的文件的权限,包括:4. The method according to claim 1, characterized in that the step of determining whether the user has the authority to download files of the file type based on the user's personal information comprises: 获取所述用户的个人信息;所述个人信息包括身份证号、生日、文件下载密码以及所述用户终端收到的验证码中的至少一个;Acquire the user's personal information; the personal information includes at least one of an ID number, birthday, file download password, and a verification code received by the user terminal; 基于所述个人信息,获取所述用户的身份;Based on the personal information, obtaining the identity of the user; 基于所述用户的身份,判断所述用户是否具有下载所述文件类型的文件的权限。Based on the identity of the user, it is determined whether the user has permission to download files of the file type. 5.根据权利要求1所述的方法,其特征在于,所述方法包括:5. The method according to claim 1, characterized in that the method comprises: 获取所述文件下载请求对应的域名;Obtain the domain name corresponding to the file download request; 判断所述域名是否存在于预设的白名单中;Determine whether the domain name exists in a preset whitelist; 若所述域名未存在于所述白名单中,则获取所述用户终端收到的验证码,并基于所述验证码验证所述用户的身份。If the domain name does not exist in the whitelist, the verification code received by the user terminal is obtained, and the identity of the user is verified based on the verification code. 6.根据权利要求1所述的方法,其特征在于,所述方法包括:6. The method according to claim 1, characterized in that the method comprises: 利用预设的恶意软件扫描引擎对所述用户获取的所述文件进行扫描,判断所述文件中是否存在恶意软件。The file obtained by the user is scanned using a preset malware scanning engine to determine whether there is malware in the file. 7.根据权利要求1所述的方法,其特征在于,所述方法包括:7. The method according to claim 1, characterized in that the method comprises: 记录所述文件的下载信息;所述下载信息包括下载用户、下载时间以及下载文件名称中的至少一个。The download information of the file is recorded; the download information includes at least one of the downloading user, the downloading time and the name of the downloaded file. 8.一种文件下载装置,其特征在于,包括:8. A file downloading device, comprising: 拦截模块,用于拦截用户的文件下载请求,并获取所述文件下载请求对应的文件类型;An interception module is used to intercept a user's file download request and obtain the file type corresponding to the file download request; 权限判断模块,用于基于所述用户的个人信息,判断所述用户是否具有下载所述文件类型的文件的权限;An authority determination module, used to determine whether the user has the authority to download files of the file type based on the user's personal information; 下载模块,用于若所述用户具有所述权限,则将所述文件下载请求对应的文件下载至预设的虚拟盘,并通过所述虚拟盘判断所述文件中是否存在恶意信息;所述文件中存在预设的目标散列函数;A download module, used for downloading the file corresponding to the file download request to a preset virtual disk if the user has the permission, and judging whether there is malicious information in the file through the virtual disk; the file contains a preset target hash function; 传递模块,用于若所述文件中不存在所述恶意信息,则将所述文件传递至所述用户;A delivery module, configured to deliver the file to the user if the malicious information does not exist in the file; 损坏判断模块,用于基于所述目标散列函数,判断所述用户获取的所述文件是否被损坏。A damage judgment module is used to judge whether the file obtained by the user is damaged based on the target hash function. 9.一种电子设备,其特征在于,包括处理器、通信接口、存储器和通信总线,其中,所述处理器、所述通信接口以及所述存储器通过所述通信总线完成相互间的通信;9. An electronic device, comprising a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other through the communication bus; 所述存储器,用于存放计算机程序;The memory is used to store computer programs; 所述处理器,用于执行存储器上所存放的程序时,实现如权利要求1-7任一项所述的方法。The processor is used to implement the method according to any one of claims 1 to 7 when executing the program stored in the memory. 10.一个或多个计算机可读介质,其上存储有指令,当由一个或多个处理器执行时,使得所述处理器执行如权利要求1-7任一项所述的方法。10. One or more computer-readable media having instructions stored thereon, which when executed by one or more processors cause the processors to perform the method according to any one of claims 1 to 7.
CN202411770667.XA 2024-12-04 2024-12-04 A file downloading method, device, electronic device and readable medium Pending CN119814759A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411770667.XA CN119814759A (en) 2024-12-04 2024-12-04 A file downloading method, device, electronic device and readable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411770667.XA CN119814759A (en) 2024-12-04 2024-12-04 A file downloading method, device, electronic device and readable medium

Publications (1)

Publication Number Publication Date
CN119814759A true CN119814759A (en) 2025-04-11

Family

ID=95263146

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411770667.XA Pending CN119814759A (en) 2024-12-04 2024-12-04 A file downloading method, device, electronic device and readable medium

Country Status (1)

Country Link
CN (1) CN119814759A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180036140A (en) * 2016-09-30 2018-04-09 고려대학교 산학협력단 Method and apparatus for examining forgery of file by using file hash value
CN110138733A (en) * 2019-04-03 2019-08-16 华南理工大学 Object storage system based on block chain is credible to deposit card and access right control method
CN116074128A (en) * 2023-04-04 2023-05-05 北京久安世纪科技有限公司 SFTP (Small form-factor pluggable) authorization method and system based on portable operation and maintenance gateway
CN117313085A (en) * 2023-09-04 2023-12-29 湖南快乐阳光互动娱乐传媒有限公司 File processing method and system
CN118433171A (en) * 2024-05-13 2024-08-02 国药控股数字科技(上海)有限公司 File transmission method, system, storage medium and electronic equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180036140A (en) * 2016-09-30 2018-04-09 고려대학교 산학협력단 Method and apparatus for examining forgery of file by using file hash value
CN110138733A (en) * 2019-04-03 2019-08-16 华南理工大学 Object storage system based on block chain is credible to deposit card and access right control method
CN116074128A (en) * 2023-04-04 2023-05-05 北京久安世纪科技有限公司 SFTP (Small form-factor pluggable) authorization method and system based on portable operation and maintenance gateway
CN117313085A (en) * 2023-09-04 2023-12-29 湖南快乐阳光互动娱乐传媒有限公司 File processing method and system
CN118433171A (en) * 2024-05-13 2024-08-02 国药控股数字科技(上海)有限公司 File transmission method, system, storage medium and electronic equipment

Similar Documents

Publication Publication Date Title
US12026261B2 (en) Quarantine of software by an evaluation server based on authenticity analysis of user device data
US12081540B2 (en) Configuring access to a network service based on a security state of a mobile device
US10452853B2 (en) Disarming malware in digitally signed content
US11140150B2 (en) System and method for secure online authentication
US10482260B1 (en) In-line filtering of insecure or unwanted mobile device software components or communications
CN102414689B (en) For improvement of the method and apparatus of code and data signing
US8875285B2 (en) Executable code validation in a web browser
US7613918B2 (en) System and method for enforcing a security context on a downloadable
US8949995B2 (en) Certifying server side web applications against security vulnerabilities
US12443715B2 (en) Disarming malware in protected content
KR20130129184A (en) System and method for server-coupled malware prevention
CN111950035A (en) Method, system, device and storage medium for integrity protection of apk file
Mansfield-Devine Android malware and mitigations
CN116743460A (en) Data exchange isolation method, system, equipment and storage medium for internal and external network
CN119814759A (en) A file downloading method, device, electronic device and readable medium
CN114978544A (en) Access authentication method, device, system, electronic equipment and medium
KR102534012B1 (en) System and method for authenticating security level of content provider
KR101975041B1 (en) Security broker system and method for securing file stored in external storage device
Armin Mobile threats and the underground marketplace
CN118821139B (en) Security management method, device, equipment, storage medium and product
Efe et al. Security Controls Against Mobile Application Threats
CN117278288A (en) A network attack protection method, device, electronic equipment and storage medium
WO2011095765A1 (en) Client server communication system and related aspects
Xing Resource Squatting Hazards in Modern Operating Systems: Analyses and Mitigations
Nachenberg Security Response

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination